GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,324 advisories
Filter by severity
Cross-Site Request Forgery (CSRF) vulnerability in Copyscape / Indigo Stream Technologies...
High
Unreviewed
CVE-2024-47644
was published
Oct 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG.This issue affects TinyPNG: from n/a...
Moderate
Unreviewed
CVE-2024-47635
was published
Oct 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo...
Moderate
Unreviewed
CVE-2024-47846
was published
Oct 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site...
High
Unreviewed
CVE-2024-43684
was published
Oct 4, 2024
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &...
Moderate
Unreviewed
CVE-2024-8520
was published
Oct 4, 2024
The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain...
High
Unreviewed
CVE-2024-41987
was published
Oct 3, 2024
A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a...
Moderate
Unreviewed
CVE-2024-42504
was published
Oct 3, 2024
Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge...
Moderate
Unreviewed
CVE-2023-7273
was published
Oct 1, 2024
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross...
High
Unreviewed
CVE-2024-8458
was published
Sep 30, 2024
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an...
High
Unreviewed
CVE-2024-28948
was published
Sep 27, 2024
A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue...
Moderate
Unreviewed
CVE-2024-9281
was published
Sep 27, 2024
A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-9282
was published
Sep 27, 2024
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF)...
Moderate
Unreviewed
CVE-2024-45987
was published
Sep 26, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management...
Moderate
Unreviewed
CVE-2024-45983
was published
Sep 26, 2024
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability....
Moderate
Unreviewed
CVE-2024-45372
was published
Sep 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a...
Moderate
Unreviewed
CVE-2024-47315
was published
Sep 25, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site...
Moderate
Unreviewed
CVE-2024-47305
was published
Sep 25, 2024
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow...
Moderate
Unreviewed
CVE-2024-20414
was published
Sep 25, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...
Moderate
Unreviewed
CVE-2024-46600
was published
Sep 25, 2024
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an...
High
Unreviewed
CVE-2024-20437
was published
Sep 25, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin...
Moderate
Unreviewed
CVE-2024-46485
was published
Sep 25, 2024
The Easy PayPal Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-8476
was published
Sep 25, 2024
The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Cross...
Moderate
Unreviewed
CVE-2024-7386
was published
Sep 25, 2024
The BA Book Everything plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High
Unreviewed
CVE-2024-8795
was published
Sep 24, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add
High
Unreviewed
CVE-2024-46394
was published
Sep 19, 2024
ProTip!
Advisories are also available from the
GraphQL API